Google Mail vulnerable to sidejacking, even though it has SSL

According to security researcher and CEO of Errata Security Robert Graham:

Google’s JavaScript code makes HTTP requests in the background via an XMLHttpRequest. By default, these requests are SSL-encrypted—but if SSL fails, they change to nonencrypted mode. When a user attempts to connect to a WiFi hotspot, Google Mail attempts to connect with SSL both enabled and disabled. Even if the attempt fails, session-ID cookies are still transmitted to the router, and can therefore be captured by anyone sitting nearby with an appropriately configured software suite.

Full coverage

Written by pinolobu on February 3rd, 2008 with no comments.
Read more articles on news.